EDB-ID-45502: The vulnerabilities can Break the Microsoft Edge Sandbox
EDB-ID-45502 - The vulnerabilities can Break the Microsoft Edge Sandbox
EDB-ID: 45502
CVE: CVE-2018-8463, CVE-2018-8468, CVE-2018-8469
E-DB Verified: Yes
Author: Google Security Research
Type: Remote
Advisory/Source: bugs.chromium.org
Published: 2018-09-27 (2018-10 on toollinux)
Platform: Windows
Vulnerable: Microsoft Edge
* Microsoft Windows 10 for 32-bit Systems
* Microsoft Windows 10 for x64-based Systems
* Microsoft Windows 10 version 1511 for 32-bit Systems
* Microsoft Windows 10 version 1511 for x64-based Systems
* Microsoft Windows 10 Version 1607 for 32-bit Systems
* Microsoft Windows 10 Version 1607 for x64-based Systems
* Microsoft Windows 10 version 1703 for 32-bit Systems
* Microsoft Windows 10 version 1703 for x64-based Systems
* Microsoft Windows 10 version 1709 for 32-bit Systems
* Microsoft Windows 10 version 1709 for x64-based Systems
* Microsoft Windows 10 Version 1803 for 32-bit Systems
* Microsoft Windows 10 Version 1803 for x64-based Systems
* Microsoft Windows Server 2016
* Microsoft Windows Server 2016 for x64-based Systems
* Microsoft Windows Server 2012 R2
* Microsoft Windows Server 2012
* Microsoft Windows Server 2008 R2 for x64-based Systems SP1
* Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
* Microsoft Windows Server 2008 for x64-based Systems SP2
* Microsoft Windows Server 2008 for Itanium-based Systems SP2
* Microsoft Windows Server 2008 for 32-bit Systems SP2
About CVE-2018-8463
An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft Edge Elevation of Privilege Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8469.
An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser. An attacker who successfully exploited this vulnerability could gain elevated privileges and break out of the Edge AppContainer sandbox.
The vulnerability by itself does not allow arbitrary code to run. However, this vulnerability could be used in conjunction with one or more vulnerabilities (for example a remote code execution vulnerability and another elevation of privilege vulnerability) to take advantage of the elevated privileges when running.
The security update addresses the vulnerability by modifying how Microsoft Edge handles sandboxing.
About CVE-2018-8468
An elevation of privilege vulnerability exists when Windows, allowing a sandbox escape, aka "Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
An elevation of privilege vulnerability exists in Windows that allows a sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system.
This vulnerability by itself does not allow arbitrary code execution. However, the vulnerability could allow arbitrary code to run if an attacker uses it in combination with another vulnerability, such as a remote code execution vulnerability or another elevation of privilege vulnerability, that can leverage the elevated privileges when code execution is attempted.
The security update addresses the vulnerability by correcting how Windows parses files.
About CVE-2018-8469
An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft Edge Elevation of Privilege Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8463.
An elevation of privilege vulnerability exists in Microsoft Edge that could allow an attacker to escape from the AppContainer sandbox in the browser. An attacker who successfully exploited this vulnerability could gain elevated privileges and break out of the Edge AppContainer sandbox.
The vulnerability by itself does not allow arbitrary code to run. However, this vulnerability could be used in conjunction with one or more vulnerabilities (for example a remote code execution vulnerability and another elevation of privilege vulnerability) to take advantage of the elevated privileges when running.
The security update addresses the vulnerability by modifying how Microsoft Edge handles sandboxing.
And have something to say about toollinux or EDB-ID-45502 (or CVE-2018-8463, CVE-2018-8468, CVE-2018-8469)? Comment below or share this post from toollinux Facebook, toollinux Twitter and toollinux Google Plus.
From Exploit Database, CVE and Microsoft